Last Updated: | Effective:
This Privacy Policy applies to all digital products and services operated by Xiping Canxin New Energy Technology Co., Ltd, a company registered in China with its principal place of business at No. 26, Group 8, Fenglaozhuang Village Committee, Caizhai Hui Ethnic Township, Xiping County, 463900, People's Republic of China.
This Policy covers:
For users located in the European Economic Area (EEA) and the United Kingdom, Canxin acts as the data controller as defined under GDPR and UK GDPR. For activities conducted by third-party service providers and advertising networks, those parties are independent controllers or processors as applicable and governed by their own privacy policies.
We use personal information for the following purposes and legal bases:
| Purpose | Legal Basis (GDPR) |
|---|---|
| Providing and maintaining our services | Contract performance (Art. 6(1)(b)) |
| Responding to contact form inquiries | Legitimate interests / Pre-contractual (Art. 6(1)(b)(f)) |
| Processing enterprise account setup | Contract performance (Art. 6(1)(b)) |
| Sending newsletters and marketing | Consent (Art. 6(1)(a)) — opt-in required |
| Analytics and product improvement | Legitimate interests (Art. 6(1)(f)) |
| Personalised and interest-based advertising | Consent (Art. 6(1)(a)) — IAB TCF / ATT required |
| Fraud detection and security | Legitimate interests (Art. 6(1)(f)) |
| Legal compliance and record-keeping | Legal obligation (Art. 6(1)(c)) |
| IoT device telemetry processing | Contract performance (Art. 6(1)(b)) |
We do not use your personal information for automated decision-making or profiling that produces legal or similarly significant effects without your explicit consent.
We do not sell, rent, or trade your personal information to third parties for their own marketing purposes. We share information only in the following circumstances:
We engage trusted service providers to assist in operating our services, subject to strict data processing agreements (DPAs) that prohibit them from using your data for any purpose other than providing services to us. These include cloud infrastructure providers, email delivery services, analytics platforms, and customer support tools.
Our mobile application integrates advertising SDKs from the third-party advertising networks listed in Section 5. These SDKs may collect device identifiers, IP addresses, and behavioral signals to deliver contextual or interest-based advertisements. Please see Section 5 for details of each partner and their opt-out mechanisms.
Google (via Google Play) and Apple (via the App Store) receive data as part of normal app distribution, update delivery, crash reporting, and subscription management. This is governed by their respective developer program agreements and privacy policies.
In the event of a merger, acquisition, financing, restructuring, or sale of all or part of our assets, your personal information may be transferred as part of the transaction. We will notify you via prominent notice on our website or by email before your data is transferred and becomes subject to a different privacy policy.
We may disclose your information if required to do so by law, court order, governmental regulation, or legal process, or if we believe in good faith that disclosure is necessary to protect the rights, property, or safety of Canxin, our users, or the public.
We may share aggregated, de-identified, or anonymized data — such as aggregate energy generation statistics — with partners, investors, or the public. Such data cannot be reasonably used to identify any individual.
Our mobile application (available on Google Play and the Apple App Store) integrates software development kits (SDKs) from third-party advertising and analytics companies to deliver advertisements and measure app performance. These SDKs operate under their own privacy policies. The following is a complete list of integrated advertising and analytics SDKs:
Provider: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Privacy Policy: policies.google.com/privacy
Opt-Out / Ad Settings: adssettings.google.com | Google Play: Settings > Google > Ads > Reset Advertising ID or Opt Out of Personalization
Data Collected: Google Advertising ID (GAID), device ID, IP address, app usage events, location (if permission granted), browser cookies, and interest category signals.
Purpose: Delivery of banner, interstitial, rewarded video, and native advertisements; ad frequency capping; fraud detection; conversion measurement; audience segmentation.
AdMob Policies: We comply with Google AdMob's Publisher Policies, including prohibitions on click fraud, invalid traffic, inappropriate content adjacent to ads, and misrepresentation. We implement Google's EU User Consent Policy (EUCP) via a certified CMP for EEA/UK users. We use AdMob's Restricted Data Processing (RDP) feature for California users where required under CCPA.
Provider: Meta Platforms, Inc., 1 Meta Way, Menlo Park, CA 94025, USA.
Privacy Policy: facebook.com/privacy/policy/
Opt-Out: Facebook Ad Preferences | DAA opt-out at optout.aboutads.info
Data Collected: Mobile Advertising ID, hashed device identifiers, app events, ad interaction events, and demographic signals.
Purpose: Delivery of interest-based banner, interstitial, native, and rewarded video ads; app install attribution; lookalike audience creation.
Compliance: We comply with Meta's Audience Network Policies, including restrictions on sensitive data categories, prohibited content, and the requirement to present Meta's Data Use Checkup disclosures where required.
Provider: AppLovin Corporation, 1100 Page Mill Road, Palo Alto, CA 94304, USA.
Privacy Policy: applovin.com/privacy/
Opt-Out: AppLovin provides an opt-out at applovin.com/optout/
Data Collected: Advertising ID, IP address, device information, app usage signals, and auction-related metadata through the MAX mediation platform.
Purpose: Ad mediation, real-time bidding (RTB), fill optimization across multiple ad networks, and performance analytics.
Note: AppLovin MAX mediates multiple demand sources simultaneously. All mediated partner SDKs are subject to their own privacy policies. We have reviewed and accepted AppLovin's publisher terms, which require GDPR and CCPA compliance mechanisms.
Provider: Unity Technologies, 30 3rd Street, San Francisco, CA 94103, USA.
Privacy Policy: unity.com/legal/privacy-policy
Opt-Out: Via Unity Ads dashboard or device-level ad ID opt-out.
Data Collected: Advertising ID, session data, app event data, game performance metadata, and in-app purchase signals.
Purpose: Delivery of rewarded video and interstitial advertisements; in-app purchase attribution; user engagement analytics.
Compliance: We comply with Unity's Publisher Policies and Data Processing Agreement, including GDPR consent requirements. Unity's Audience Pinpointing opt-out is surfaced to EEA users via our CMP.
Provider: IronSource Ltd. (merged with Unity Technologies), Tel Aviv, Israel.
Privacy Policy: is.com/privacy-policy/
Opt-Out: Via IronSource privacy opt-out portal or app-level advertising ID opt-out.
Data Collected: Advertising ID, device fingerprint signals (for fraud prevention only), IP address, app event signals, and rewarded ad completion events.
Purpose: Delivery of rewarded video, offerwall, and interstitial advertisements; mediation; user acquisition analytics.
Compliance: We comply with IronSource Publisher Policies. For EEA users, IronSource operates under Standard Contractual Clauses (SCCs) for data transfers outside the EEA.
Provider: Liftoff Mobile, Inc. (formerly Vungle, Inc.), 900 Middlefield Road, Redwood City, CA 94063, USA.
Privacy Policy: liftoff.io/privacy-policy/
Opt-Out: Liftoff Privacy Opt-Out
Data Collected: Advertising ID, device type, OS version, app version, IP address, and ad interaction data.
Purpose: Delivery of video interstitial and rewarded video advertisements; user acquisition; retargeting.
Compliance: Liftoff is GDPR and CCPA compliant. We pass consent signals via the IAB TCF 2.0 framework.
Provider: InMobi Pte. Ltd., 30 Cecil Street, #19-08, Prudential Tower, Singapore 049712.
Privacy Policy: inmobi.com/privacy-policy/
Opt-Out: inmobi.com/page/opt-out/
Data Collected: Device ID, IP address, location (coarse), app context, and behavioral signals for ad targeting.
Purpose: Delivery of mobile banner, interstitial, and video advertisements across global markets including Asia-Pacific, Europe, and North America.
Compliance: InMobi complies with GDPR, CCPA, COPPA, Australia's Privacy Act, and Singapore's PDPA. We pass consent signals through InMobi's consent API.
Provider: Mintegral International Limited, a subsidiary of Mobvista Inc., with offices in Hong Kong and Singapore.
Privacy Policy: mintegral.com/en/privacy/
Opt-Out: Via app-level advertising ID opt-out or Mintegral privacy contact.
Data Collected: Advertising ID, device attributes, IP address, app usage signals, creative interaction data, and post-install event attribution data.
Purpose: Programmatic delivery of interactive video, playable, and rewarded video advertisements; user acquisition; attribution.
Compliance: Mintegral complies with GDPR, CCPA, PIPL (China), PDPA (Singapore), and Australia's Privacy Act. All data transfers from the EEA use SCCs.
Provider: Bytedance Ltd. / TikTok for Business (Pangle), Singapore and global offices.
Privacy Policy: pangleglobal.com/privacy/enduser-en
Opt-Out: Device advertising ID opt-out or Pangle privacy contact form.
Data Collected: Advertising ID, device identifier, IP address, app event data, video ad interaction data, and click attribution signals.
Purpose: Delivery of video, rewarded, interstitial, and native advertisements; user acquisition analytics; lookalike audience modeling.
Compliance: Pangle complies with GDPR (via SCCs), CCPA, PIPL, and PDPA. Consent is obtained through our CMP before enabling personalized Pangle ads for EEA/UK users.
Provider: Chartboost, Inc., a subsidiary of Zynga Inc., 699 8th Street, San Francisco, CA 94103, USA.
Privacy Policy: chartboost.com/legal/privacy-policy/
Opt-Out: Via device-level ad ID opt-out or Chartboost privacy contact.
Data Collected: Device ID, advertising ID, app context, and behavioral interaction signals.
Purpose: Delivery of interstitial, rewarded, and playable advertisements; direct deal marketplace participation.
Compliance: Chartboost complies with GDPR, CCPA, and COPPA. We pass IAB TCF 2.0 consent strings to Chartboost's consent API.
Provider: Digital Turbine, Inc. (formerly AdColony), 6701 W Parmer Lane, Austin, TX 78729, USA.
Privacy Policy: digitalturbine.com/privacy-policy/
Opt-Out: Digital Turbine Opt-Out
Data Collected: Advertising ID, device attributes, IP address, and high-definition video ad interaction events.
Purpose: Delivery of high-definition video interstitial and rewarded video advertisements; value exchange advertising.
Compliance: Digital Turbine is GDPR compliant and a member of the Network Advertising Initiative (NAI) and Digital Advertising Alliance (DAA).
Provider: Tapjoy, Inc. (part of IronSource/Unity), San Francisco, CA, USA.
Privacy Policy: tapjoy.com/legal/#privacy-policy
Opt-Out: Via Tapjoy opt-out URL embedded in in-app offerwall disclosures.
Data Collected: Advertising ID, IP address, in-app event completions, and offer interaction data.
Purpose: Offerwall and rewarded engagement advertisements where users earn virtual currency or content for completing advertiser offers.
Compliance: Tapjoy complies with GDPR and CCPA. Offerwall disclosures include direct links to privacy opt-out mechanisms.
Provider: Fyber N.V. (acquired by Digital Turbine), Berlin, Germany.
Privacy Policy: fyber.com/privacy-policy/
Data Collected: Advertising ID, device data, IP address, and bidstream signals through the Fyber FairBid mediation platform.
Purpose: Mediated header bidding, rewarded video, and interstitial ad delivery.
Provider: Smaato, Inc., 270 Lafayette Street, Suite 702, New York, NY 10012, USA.
Privacy Policy: smaato.com/privacy/
Data Collected: Advertising ID, device type, IP address, and standard OpenRTB bid-request signals.
Purpose: Programmatic real-time bidding demand for banner and interstitial ad inventory.
Provider: Google LLC.
Privacy Policy: firebase.google.com/support/privacy
Data Collected: Anonymous user IDs, app event sequences, session duration, crash stack traces, device attributes, and OS version.
Purpose: App performance monitoring, crash reporting, funnel analysis, and A/B testing. Data is used in aggregate form and does not personally identify you.
Opt-Out: You may disable Firebase Analytics data collection by enabling "Disable Analytics Data Collection" in the app Settings menu.
Our mobile application displays advertisements to support free access to core features. We use the following ad formats:
Static or animated rectangular advertisements displayed at the top or bottom of app screens. Banner ads may appear contextually or in a personalized manner based on your advertising preferences. They do not interrupt app use. You may close or minimize banner ads where the dismiss control is visible.
Full-screen advertisements that appear at natural transition points in the app, such as between screens or at app launch ("splash ads"). Interstitial ads display a visible close button (typically after 5 seconds) and must not appear during active user interaction with core functions. We comply with Google AdMob's interstitial placement policies, including prohibition of accidental clicks and frequency capping requirements.
Optional full-screen video advertisements that users voluntarily choose to watch in exchange for an in-app reward (such as extended monitoring access, premium features, or virtual items). Rewarded ads are always opt-in. You are never required to watch a rewarded ad to access core functionality. The opt-in is shown with a clear description of the reward and a "No Thanks" option. Video ads include a skip option after a required minimum viewing period (typically 5–30 seconds as set by the advertiser).
Advertisements styled to match the look and feel of surrounding app content. All native ads are clearly labeled with a visible "Ad", "Sponsored", or "Advertisement" label as required by applicable platform policies and advertising standards. Native ad labels comply with Google Play's and Apple App Store's transparency requirements.
With your consent (or where permitted by applicable law), ads may be targeted based on interests inferred from your device activity across other apps and websites. Without your consent (or upon opt-out), only contextual advertisements — based on the current app context, not your profile — will be displayed. To change your ad personalization preferences, navigate to: App Menu > Settings > Privacy > Ad Preferences.
We apply frequency caps to prevent excessive ad repetition. Interstitial ads are capped at no more than once per 60 seconds and no more than three times per session. Splash/startup ads are shown no more than once every 24 hours per device.
Our app is rated for users aged 13 and above. We do not serve behavioral or interest-based advertisements to users identified as under 13 years of age. If our app is accessed by a child, ad networks are instructed to serve only non-personalized, contextual advertisements. Relevant ad network child-directed treatment flags (e.g., AdMob's tagForChildDirectedTreatment, tagForUnderAgeOfConsent) are set appropriately.
Our website uses the following categories of cookies:
You may manage cookie preferences through our cookie consent banner or your browser settings. Disabling certain cookies may impair website functionality.
Our mobile app does not use browser cookies. Instead, it may use:
We comply with the Children's Online Privacy Protection Act (COPPA), 15 U.S.C. § 6501 et seq. and the FTC's COPPA Rule (16 CFR Part 312). We do not knowingly collect personal information from children under 13. If we discover that we have inadvertently collected personal information from a child under 13, we will delete it immediately. Parents or legal guardians may contact us at support@canxinnew.com to request review, deletion, or to refuse further collection of their child's information.
Under GDPR Article 8 and UK GDPR, processing of a child's personal data for information society services is lawful only with parental consent for children under 16 (or under 13–16 depending on Member State law). Our services are not directed at children under 16 in the EEA/UK. If consent is required and we become aware that a user is under 16, we will terminate the account and delete collected data.
During account registration in our mobile app, we request a date of birth. Users indicating they are under 13 (or under 16 in EEA/UK) are refused account creation. We acknowledge that age gates are not foolproof; parents who discover their child has misrepresented their age should contact us immediately.
Our app is not classified under Google Play's Families Policy. If we publish a separate app designed for children, that app will comply with Google Play's Families Policy requirements, including restrictions on ad network SDKs, data collection, and in-app purchases.
Our app carries an age rating consistent with its content. The app is not rated 4+ (designed for children) and therefore is not subject to Apple's additional restrictions on data collection from children under 13 for child-directed apps. However, we voluntarily apply COPPA-compliant practices globally.
We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law:
Upon expiration of the applicable retention period, personal data is securely deleted or anonymized. You may request early deletion subject to the exceptions described in Section 11 (Right to Erasure).
We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction:
Despite these measures, no system is completely secure. We cannot guarantee absolute security. If you have reason to believe your interaction with us is no longer secure, please contact us immediately at support@canxinnew.com.
If you are located in the European Economic Area (EEA) or the United Kingdom, you have the following rights under GDPR (Regulation (EU) 2016/679) and UK GDPR (retained EU law as defined in the European Union (Withdrawal) Act 2018):
To exercise any of these rights, submit a request to support@canxinnew.com with the subject line "GDPR Data Subject Request". We will respond within 30 days (extendable by a further 60 days for complex requests, with notice). We may request identity verification before fulfilling your request.
You have the right to lodge a complaint with your local supervisory authority. For the EEA, this is your national data protection authority (e.g., the German BfDI, the French CNIL, the Irish DPC). For the UK, this is the Information Commissioner's Office (ICO) at ico.org.uk. For China, it is the Cyberspace Administration of China (CAC). We would, however, appreciate the opportunity to address your concerns before you approach the supervisory authority.
Our primary legal bases under GDPR are: consent (Art. 6(1)(a)); contract (Art. 6(1)(b)); legal obligation (Art. 6(1)(c)); and legitimate interests (Art. 6(1)(f)). For special category data, we rely on explicit consent (Art. 9(2)(a)) where applicable, though we do not knowingly collect special category data.
If you are a California resident, the California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act of 2020 (CPRA), grants you the following rights:
To submit a CCPA/CPRA request, email support@canxinnew.com with the subject "California Privacy Request" or use our contact form with subject "Other — California Privacy". We will respond within 45 days (extendable by 45 days with notice). We may request verification of your identity. Authorized agents may submit requests on your behalf with written authorization.
Categories of Personal Information Collected (Last 12 months): Identifiers (name, email, device ID); Internet/network activity (browsing on our website, app interactions); Geolocation data (coarse, from IP); Commercial information (purchase/subscription records); Inferences (interest categories from ad networks). No biometric, health, financial account, or precise geolocation data is collected by us directly.
If you are a Canadian resident, our practices comply with the Personal Information Protection and Electronic Documents Act (PIPEDA, S.C. 2000, c. 5) and, for Quebec residents, An Act to modernize legislative provisions as regards the protection of personal information (Law 25 / Bill 64).
Under PIPEDA, we collect, use, and disclose personal information with your knowledge and consent for identified purposes. You have the right to access your information and to challenge its accuracy. You may withdraw consent at any time, subject to legal or contractual restrictions.
Under Quebec Law 25 (effective September 2023), we provide:
To exercise your rights or submit a complaint, contact support@canxinnew.com. You may also contact the Office of the Privacy Commissioner of Canada (OPC) at priv.gc.ca or the Commission d'accès à l'information (CAI) in Quebec at cai.gouv.qc.ca.
If you are a resident of Brazil, the Lei Geral de Proteção de Dados Pessoais (LGPD, Law No. 13,709/2018) applies to our processing of your personal data.
Under the LGPD, you have the following rights (Article 18):
Our legal bases for processing under the LGPD include: consent (Art. 7, I); contract performance (Art. 7, V); compliance with legal obligation (Art. 7, II); legitimate interests (Art. 7, IX). To exercise your LGPD rights, contact support@canxinnew.com. You may also contact Brazil's National Data Protection Authority (ANPD) at gov.br/anpd.
For users in the People's Republic of China, our processing is governed by the Personal Information Protection Law (PIPL, effective November 1, 2021) and associated regulations including the Data Security Law (DSL) and Cybersecurity Law (CSL).
Under PIPL, you have the right to:
As a company registered in China, we: (a) appoint a personal information protection officer; (b) conduct personal information protection impact assessments (PIPIAs) for high-risk processing; (c) comply with outbound data transfer rules under PIPL Article 38, including standard contracts approved by the CAC where personal information is transferred outside China; (d) maintain processing records as required by Article 55.
To exercise your rights, contact: support@canxinnew.com. You may also complain to the Cyberspace Administration of China (CAC) at cac.gov.cn.
For users in Thailand, the Personal Data Protection Act B.E. 2562 (PDPA) governs our data processing. Your rights include the right to access, rectification, erasure, restriction, data portability, objection, and the right to withdraw consent. We rely on consent and contractual necessity as our primary legal bases. To exercise rights under the Thailand PDPA, contact support@canxinnew.com. Complaints may be lodged with the Personal Data Protection Committee (PDPC) of Thailand.
For users in Singapore, the Personal Data Protection Act 2012 (PDPA) and the Personal Data Protection Commission (PDPC) guidelines govern our processing. We comply with the Notification Obligation (informing you of purposes before or at the time of collection), the Consent Obligation (obtaining consent where required), the Purpose Limitation Obligation, the Data Accuracy Obligation, the Protection Obligation, and the Retention Limitation Obligation. Our Data Protection Officer is contactable at support@canxinnew.com. You may also lodge a complaint with Singapore's PDPC at pdpc.gov.sg.
For users in Australia, our handling of personal information is governed by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) contained in Schedule 1 of that Act.
We comply with the APPs as follows:
To make an access or correction request, email support@canxinnew.com. Complaints may be made to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.
Our mobile application complies with all requirements of the Google Play Developer Program Policy, including:
Our mobile application complies with all requirements of the Apple App Store Review Guidelines, including:
We are headquartered in China and use service providers and advertising partners located in the United States, European Union, Singapore, and other countries. When your personal information is transferred internationally, we use the following safeguards:
You may obtain a copy of applicable transfer safeguards by contacting support@canxinnew.com.
We may update this Privacy Policy from time to time to reflect changes in our practices, services, legal requirements, or for other operational reasons. We will notify you of material changes by:
We encourage you to review this Policy periodically. Continued use of our services after the effective date of a revised Policy constitutes your acceptance of the changes, except where applicable law requires fresh consent.
Archived versions of this Policy are available upon request by emailing support@canxinnew.com.
For any questions, concerns, or requests relating to this Privacy Policy or your personal information, please contact us:
Xiping Canxin New Energy Technology Co., Ltd
Data Privacy Team / Data Protection Officer
No. 26, Group 8, Fenglaozhuang Village Committee,
Caizhai Hui Ethnic Township, Xiping County, 463900, CN
Email: support@canxinnew.com
Subject Line: "Privacy Policy Inquiry — [Your Name]"
We will acknowledge receipt of your inquiry within 3 business days and provide a substantive response within the timeframes required by applicable law (typically 30 days for GDPR, 45 days for CCPA, 30 days for PIPL).
If you are not satisfied with our response, you may lodge a complaint with the relevant supervisory authority in your jurisdiction as outlined in the applicable regional sections of this Policy.